Merge branch 'improve-configuration-file' into 'master'

Add parameters for tls and knot See merge request re2o/dns!1

Merge branch 'improve-configuration-file' into 'master'
Add parameters for tls and knot See merge request re2o/dns!1
969afb11 · chirac · 0970c4f2 · 27f52af5 · 969afb11 · 969afb11
Commit 969afb11 authored Jan 17, 2020 by chirac
--- a/README.md
+++ b/README.md
@@ -6,10 +6,24 @@ This service uses Re2o API to generate DNS zone files
 ## Requirements

 * python3
-* knot
+* knot (only if using knot)
 * requirements in https://gitlab.federez.net/re2o/re2oapi

 ## Scripts

 * `main.py`: Generates the zone files and reloads the zones
 * `dnssec_generate.py`: Generate the DS records for the zones in `dnssec_domains.json` and writes them to `dnssec.json`
+
+## Configuration file
+
+The template of the configuration file is given in `config.ini.example`. You should copy it into `config.ini` and modify at least the first 3 paramters :
+
+| Parameter  | Default value      | Description                    |
+|------------|--------------------|--------------------------------|
+| `hostname` | `re2o.example.net` | Hostname of your re2o instance |
+| `username` | `my_api_username`  | Username to access the api     |
+| `password` | `my_api_password`  | Password to access the api     |
+| `use_tls`  | `true`             | Use TLS to connect to the api  |
+| `use_knot` | `false`            | Use knot specific commands     |
+
+For boolean parameters, according to https://docs.python.org/3/library/configparser.html, 'yes'/'no', 'on'/'off', 'true'/'false' and '1'/'0' are valid parameters.
--- a/config.ini.example
+++ b/config.ini.example
@@ -2,3 +2,5 @@
 hostname = re2o.example.net
 username = my_api_username
 password = my_api_password
+use_tls = true
+use_knot = false
--- a/main.py
+++ b/main.py
@@ -11,7 +11,6 @@ import sys

 from re2oapi import Re2oAPIClient

-import knot


 path = os.path.dirname(os.path.abspath(__file__))
@@ -21,6 +20,11 @@ config.read(path+'/config.ini')
 api_hostname = config.get('Re2o', 'hostname')
 api_password = config.get('Re2o', 'password')
 api_username = config.get('Re2o', 'username')
+use_tls = config.getboolean('Re2o', 'use_tls')
+use_knot = config.getboolean('Re2o', 'use_knot')
+
+if use_knot:
+    import knot

 template_soa = (
    "$ORIGIN {zone}.\n"
@@ -217,7 +221,7 @@ def write_dns_file(zone, verbose=False):
        for x in zone['dname_records']
    )

-    if zone['name'][1:] == "crans.org":
+    if use_knot and zone['name'][1:] == "crans.org":
        ds_records = ""
        for extension in filter(lambda zone: zone.endswith('.crans.org'), zone_names):
            for ds in knot.get_ds(extension, verbose):
@@ -275,7 +279,6 @@ def write_dns_reverse_file(api_client):
     # because some iptype may share the same prefix
     # in which case we must append to the file zone already created
     zone_v6 = []
-
     for zone in api_client.list("dns/reverse-zones"):
        # We start by defining the soa, ns, mx which are comon to v4/v6
        now = datetime.datetime.now(datetime.timezone.utc)
@@ -413,7 +416,7 @@ def write_dns_reverse_file(api_client):
                    f.write(zone_file_content)
                zone_v6.append(zone6_name)

-api_client = Re2oAPIClient(api_hostname, api_username, api_password, use_tls=False)
+api_client = Re2oAPIClient(api_hostname, api_username, api_password, use_tls=use_tls)

 client_hostname = socket.gethostname().split('.', 1)[0]

@@ -422,7 +425,8 @@ if __name__ == '__main__':
    parser.add_argument('-f', '--force', '--forced', help="Forcer la régénaration des fichiers de zone.", action='store_true')
    parser.add_argument('-k', '--keep', help="Ne pas changer le statut du service.", action='store_true')
    parser.add_argument('-p', '--processes', help="Regénérer en utilisant n processus en parallèle (par défaut ne pas parallèliser).", metavar='n', nargs=1, type=int, default=[0])
-    parser.add_argument('-n', '--no-reload', help="Ne pas recharger les zones dans knot.", action='store_true')
+    if use_knot:
+        parser.add_argument('-n', '--no-reload', help="Ne pas recharger les zones dans knot.", action='store_true')
    parser.add_argument('-v', '--verbose', help="Afficher des informations de debug.", action='store_true')
    args = parser.parse_args()

@@ -452,7 +456,7 @@ if __name__ == '__main__':
            with open(path + '/serial.json', 'w') as serial_json:
                json.dump(serial + 1, serial_json)

-    if not args.no_reload:
+    if use_knot and not args.no_reload:
        error = os.system('/usr/sbin/knotc zone-reload >/dev/null 2>&1')
        if error:
            # reload again and display the error message